Leveraging the Power of AI to Stop Email Scammers

Staff members are on the frontline when it comes to cyberattacks against their employers. They’re increasingly seen by hackers as a weak link in the cybersecurity chain. That’s why most threats today come via email, aimed squarely at tricking the recipient into downloading malware, divulging log-ins or making wire transfers to the attacker. We predict cumulative losses from Business Email Compromise (BEC) attacks alone will hit $9 billion this year.

As attacks get smarter, so must we. That’s why Trend Micro is introducing two innovative new offerings to help in the fight against email scammers. One is a new AI-powered feature designed to improve BEC detection while the other will help IT teams train their employees to spot phishing attacks. It’s one more step towards taking the fight to the bad guys.

The email threat

There’s no doubt that email is the primary threat vector for attackers targeting organizations today. The Trend Micro™ Smart Protection Network™ blocked more than 66 billion threats in 2017, over 85 percent of which were emails containing malicious content.

BEC is an increasingly favored tactic as the rewards can be huge. It’s hard for many organizations to spot because attacks typically don’t contain any malware; they rely mainly on social engineering of the carefully selected recipient. That recipient, usually in the finance department, is sent an email impersonating the CEO, CFO, or other executive requesting that they urgently make a wire transfer or reply with sensitive data. With average losses topping $130,000 per incident, it’s no surprise that we saw an increase in attempted BEC attacks on our customers of 106 percent between 1H and 2H 2017.

This is not to underplay the impact phishing continues to have on organizations around the globe. By targeting employees, attackers can spread malware and covertly infiltrate networks to steal sensitive data and IP. Results from the Black Hat Attendee Survey last year illustrate the impact this trend is having on organizations.

IT Leaders cited phishing as their #1 security concern

Phishing was identified as the most time-consuming threat

End users being tricked by phishing attacks were cited as the weakest link in IT security

19 percent rated phishing as the most serious cyber threat to emerge within the past year, second only to ransomware

Taking action

The potential financial and reputational damage of such attacks is obvious. In the face of these rising threat levels we must hit back — and we have, with two new free tools.

Writing Style DNA includes new AI-powered technology that learns how executives write so that it can spot impersonation attempts, and sends a warning to the implied sender, recipient and the IT department. It sounds straightforward but requires serious computing power and smart AI algorithms to achieve. For each user, a personal model is created using 7,000 features of writing characteristics to train the system, things like punctuation and sentence length. We convert emails to metadata before analyzing them, to protect customers’ privacy and meet compliance requirements.

Focusing on the writing style in the body of the email complements existing techniques that analyze behavior and intention. Some of these current techniques can fail if, for example, the attacker uses compromised accounts at legitimate domains to hide the true origin of the email. It’s one more tool to help IT teams push back the rising tide of email threats, and it will be made available at no extra cost as part of Cloud App Security (CAS) for Office 365 and ScanMail for Microsoft Exchange (SMEX),
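The idea of a per-sender writing-style model can be sketched in a few lines. This is an added illustration, not Trend Micro's algorithm or code: it uses nine simple features instead of 7,000, a plain z-score distance instead of a trained model, and the sample emails, feature names and threshold are all constructed assumptions.

```python
import re
import statistics

PUNCT = ",;:!?-"

def features(text):
    """Reduce an email body to numeric style metadata; the text itself is not kept."""
    sentences = [s for s in re.split(r"[.!?]+\s*", text) if s.strip()]
    words = re.findall(r"[A-Za-z']+", text)
    n = max(len(words), 1)
    vec = {
        "avg_sentence_len": len(words) / max(len(sentences), 1),
        "avg_word_len": sum(map(len, words)) / n,
        "upper_ratio": sum(w.isupper() and len(w) > 1 for w in words) / n,
    }
    for ch in PUNCT:
        vec["punct_" + ch] = text.count(ch) / n  # punctuation marks per word
    return vec

def train_profile(emails):
    """Per-sender model: mean and standard deviation of each feature."""
    rows = [features(e) for e in emails]
    return {k: (statistics.mean([r[k] for r in rows]),
                statistics.pstdev([r[k] for r in rows])) for k in rows[0]}

def style_distance(profile, text, floor=0.05):
    """Mean absolute z-score of an email against the sender's profile.
    The floor avoids dividing by a near-zero spread for rarely used features."""
    vec = features(text)
    zs = [abs(vec[k] - mu) / max(sd, floor) for k, (mu, sd) in profile.items()]
    return sum(zs) / len(zs)

# Constructed sample mail for a hypothetical executive (not real data).
KNOWN = [
    "Team, the quarterly numbers look fine. Please send me the final deck by Friday. Thanks.",
    "Anna, I reviewed the contract. Two clauses need changes; legal has my notes. Let us talk Monday.",
    "Mark, good work on the audit. Share the summary with the board. I will follow up next week.",
    "All, the offsite is confirmed. Travel details come from HR; book early. See you there.",
]
GENUINE = "Anna, the budget is approved. Send the figures to finance by Tuesday. Thanks."
SUSPECT = ("Hi!! I need you to process an urgent wire transfer right now because I am stuck "
           "in a meeting and cannot talk - do it ASAP and keep this confidential!!!")
THRESHOLD = 2.0  # assumed cut-off; a real system would calibrate it per sender

def is_suspicious(profile, text):
    return style_distance(profile, text) > THRESHOLD

if __name__ == "__main__":
    profile = train_profile(KNOWN)
    for label, body in (("genuine", GENUINE), ("suspect", SUSPECT)):
        print(label, round(style_distance(profile, body), 2), is_suspicious(profile, body))
```

Because only the feature vectors are stored and compared, the check can run without retaining message bodies, which is the privacy property the metadata conversion above is aiming for.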

First line of defense

Technology is a vital layer of defense to keep email threats at bay. But what about your employees, who are often thought of as the ‘weakest link’?

We can help here, too. A new free SaaS-based phishing simulation service can help IT teams train employees to spot attempted attacks before they have a chance to impact the organization. Phish Insight is all about raising your staff’s awareness. All it takes is one administrator, four steps and five minutes to run a real-world exercise designed to mimic what employees might see at their desks.

With the detailed reporting results, displayed in a handy graphical interface, IT teams can then tailor their education programs to make lasting behavioral changes.

Phish Insight is now available free of charge to all organizations of all sizes around the world. The service has been available for a year in Asia and has generated huge interest as organizations leverage it to turn their weakest link into a formidable first line of defense. As email threats continue to rise, we’d encourage you to take a look.

To stop phishing and social engineering attacks it is critical to make both your people and your technology smarter. Phish Insight trains your people to better spot phishing attacks and Writing Style DNA confirms the authorship of an email to prevent CEO fraud and other types of BEC attacks.